Rust: Add source / basic basic models.

2026-04-21 06:55:31 +02:00 · 2025-05-15 17:31:01 +01:00
parent b78d51e079
commit 13f6de9924
6 changed files with 33 additions and 12 deletions
--- a/rust/ql/lib/codeql/rust/frameworks/async-rs.model.yml
+++ b/rust/ql/lib/codeql/rust/frameworks/async-rs.model.yml
@@ -0,0 +1,6 @@
+extensions:
+  - addsTo:
+      pack: codeql/rust-all
+      extensible: sourceModel
+    data:
+      - ["repo:https://github.com/async-rs/async-std:async-std", "<crate::net::tcp::stream::TcpStream>::connect", "ReturnValue.Future.Field[crate::result::Result::Ok(0)]", "remote", "manual"]
--- a/rust/ql/lib/codeql/rust/frameworks/futures.model.yml
+++ b/rust/ql/lib/codeql/rust/frameworks/futures.model.yml
@@ -4,3 +4,4 @@ extensions:
      extensible: summaryModel
    data:
      - ["repo:https://github.com/rust-lang/futures-rs:futures-executor", "crate::local_pool::block_on", "Argument[0]", "ReturnValue", "value", "manual"]
+      - ["repo:https://github.com/rust-lang/futures-rs:futures-util", "<crate::io::buf_reader::BufReader>::new", "Argument[0]", "ReturnValue", "taint", "manual"]
--- a/rust/ql/lib/codeql/rust/frameworks/rustls.model.yml
+++ b/rust/ql/lib/codeql/rust/frameworks/rustls.model.yml
@@ -0,0 +1,12 @@
+extensions:
+  - addsTo:
+      pack: codeql/rust-all
+      extensible: sourceModel
+    data:
+      - ["repo:https://github.com/rustls/rustls:rustls", "<crate::client::client_conn::connection::ClientConnection>::new", "ReturnValue.Field[crate::result::Result::Ok(0)]", "remote", "manual"]
+  - addsTo:
+      pack: codeql/rust-all
+      extensible: summaryModel
+    data:
+      - ["repo:https://github.com/quininer/futures-rustls:futures-rustls", "<crate::TlsConnector>::connect", "Argument[1]", "ReturnValue.Future.Field[crate::result::Result::Ok(0)]", "taint", "manual"]
+      - ["repo:https://github.com/rustls/rustls:rustls", "<crate::conn::ConnectionCommon>::reader", "Argument[self]", "ReturnValue", "taint", "manual"]
--- a/rust/ql/test/library-tests/dataflow/sources/TaintSources.expected
+++ b/rust/ql/test/library-tests/dataflow/sources/TaintSources.expected
@@ -75,8 +75,10 @@
 | test.rs:619:26:619:61 | ...::connect_timeout | Flow source 'RemoteSource' of type remote (DEFAULT). |
 | test.rs:671:28:671:57 | ...::connect | Flow source 'RemoteSource' of type remote (DEFAULT). |
 | test.rs:753:22:753:49 | ...::connect | Flow source 'RemoteSource' of type remote (DEFAULT). |
+| test.rs:779:22:779:50 | ...::new | Flow source 'RemoteSource' of type remote (DEFAULT). |
 | test.rs:806:16:806:29 | ...::args | Flow source 'CommandLineArgs' of type commandargs (DEFAULT). |
 | test.rs:806:16:806:29 | ...::args | Flow source 'CommandLineArgs' of type commandargs (DEFAULT). |
+| test_futures_io.rs:19:15:19:32 | ...::connect | Flow source 'RemoteSource' of type remote (DEFAULT). |
 | web_frameworks.rs:12:31:12:31 | a | Flow source 'RemoteSource' of type remote (DEFAULT). |
 | web_frameworks.rs:12:31:12:31 | a | Flow source 'RemoteSource' of type remote (DEFAULT). |
 | web_frameworks.rs:21:31:21:35 | TuplePat | Flow source 'RemoteSource' of type remote (DEFAULT). |
--- a/rust/ql/test/library-tests/dataflow/sources/test.rs
+++ b/rust/ql/test/library-tests/dataflow/sources/test.rs
@@ -776,9 +776,9 @@ fn test_rustls() -> std::io::Result<()> {
        .with_no_client_auth();
    let server_name = rustls::pki_types::ServerName::try_from("www.example.com").unwrap();
    let config_arc = std::sync::Arc::new(config);
-    let mut client = rustls::ClientConnection::new(config_arc, server_name).unwrap(); // $ MISSING: Alert[rust/summary/taint-sources]
+    let mut client = rustls::ClientConnection::new(config_arc, server_name).unwrap(); // $ Alert[rust/summary/taint-sources]
    let mut reader = client.reader();
-    sink(&reader); // $ MISSING: hasTaintFlow
+    sink(&reader); // $ hasTaintFlow=config_arc

    {
        let mut buffer = [0u8; 100];
@@ -789,13 +789,13 @@ fn test_rustls() -> std::io::Result<()> {
    {
        let mut buffer = Vec::<u8>::new();
        let _bytes = reader.read_to_end(&mut buffer)?;
-        sink(&buffer); // $ MISSING: hasTaintFlow
+        sink(&buffer); // $ hasTaintFlow=config_arc
    }

    {
        let mut buffer = String::new();
        let _bytes = reader.read_to_string(&mut buffer)?;
-        sink(&buffer); // $ MISSING: hasTaintFlow
+        sink(&buffer); // $ hasTaintFlow=config_arc
    }

    Ok(())
--- a/rust/ql/test/library-tests/dataflow/sources/test_futures_io.rs
+++ b/rust/ql/test/library-tests/dataflow/sources/test_futures_io.rs
@@ -16,21 +16,21 @@ use async_std::net::TcpStream;

 async fn test_futures_rustls_futures_io() -> io::Result<()> {
    let url = "www.example.com:443";
-    let tcp = TcpStream::connect(url).await?; // $ MISSING: Alert[rust/summary/taint-sources]
-    sink(&tcp); // $ MISSING: hasTaintFlow
+    let tcp = TcpStream::connect(url).await?; // $ Alert[rust/summary/taint-sources]
+    sink(&tcp); // $ hasTaintFlow=url
    let config = rustls::ClientConfig::builder()
        .with_root_certificates(rustls::RootCertStore::empty())
        .with_no_client_auth();
    let connector = TlsConnector::from(Arc::new(config));
    let server_name = rustls::pki_types::ServerName::try_from("www.example.com").unwrap();
    let mut reader = connector.connect(server_name, tcp).await?;
-    sink(&reader); // $ MISSING: hasTaintFlow
+    sink(&reader); // $ hasTaintFlow=url

    {
        // using the `AsyncRead` trait (low-level)
        let mut buffer = [0u8; 64];
        let mut pinned = Pin::new(&mut reader);
-        sink(&pinned); // $ MISSING: hasTaintFlow
+        sink(&pinned); // $ hasTaintFlow=url
        let mut cx = Context::from_waker(futures::task::noop_waker_ref());
        let bytes_read = pinned.poll_read(&mut cx, &mut buffer);
        if let Poll::Ready(Ok(n)) = bytes_read {
@@ -51,12 +51,12 @@ async fn test_futures_rustls_futures_io() -> io::Result<()> {
    }

    let mut reader2 = futures::io::BufReader::new(reader);
-    sink(&reader2); // $ MISSING: hasTaintFlow
+    sink(&reader2); // $ hasTaintFlow=url

    {
        // using the `AsyncBufRead` trait (low-level)
        let mut pinned = Pin::new(&mut reader2);
-        sink(&pinned); // $ MISSING: hasTaintFlow
+        sink(&pinned); // $ hasTaintFlow=url
        let mut cx = Context::from_waker(futures::task::noop_waker_ref());
        let buffer = pinned.poll_fill_buf(&mut cx);
        if let Poll::Ready(Ok(buf)) = buffer {
@@ -87,7 +87,7 @@ async fn test_futures_rustls_futures_io() -> io::Result<()> {
        // using the `AsyncRead` trait (low-level)
        let mut buffer = [0u8; 64];
        let mut pinned = Pin::new(&mut reader2);
-        sink(&pinned); // $ MISSING: hasTaintFlow
+        sink(&pinned); // $ hasTaintFlow=url
        let mut cx = Context::from_waker(futures::task::noop_waker_ref());
        let bytes_read = pinned.poll_read(&mut cx, &mut buffer);
        sink(&buffer); // $ MISSING: hasTaintFlow=url
@@ -110,7 +110,7 @@ async fn test_futures_rustls_futures_io() -> io::Result<()> {
    {
        // using the `AsyncBufRead` trait (low-level)
        let mut pinned = Pin::new(&mut reader2);
-        sink(&pinned); // $ MISSING: hasTaintFlow
+        sink(&pinned); // $ hasTaintFlow=url
        let mut cx = Context::from_waker(futures::task::noop_waker_ref());
        let buffer = pinned.poll_fill_buf(&mut cx);
        sink(&buffer); // $ MISSING: hasTaintFlow=url